Friday, December 07, 2012

Many Smartphone Apps Lack Privacy Policies

"California's attorney general filed a first-ever privacy lawsuit against the maker of a smartphone application, a move that could shape how the nascent app industry handles personal information," reports the Wall Street Journal (here). The case involves the Delta Airlines Fly Delta app, which allows customers to check in to flights, pay for checked baggage and perform other tasks related to flying.

I have noted previously that many of the pharma health apps I have reviewed do not include privacy policies (see, for example, "Be Aware of What's Behind a Pharma Mobile App: Disclaimers Only Tell Part of the Story"). In fact, some pharma companies may be among the 100 companies that California's attorney general, Kamala D. Harris, sent letters to in October, giving them 30 days to respond or make their privacy policies accessible in their apps.

"While California is unique in applying its privacy law to apps," said the WSJ article, "Ms. Harris has said she hopes to use the state's influence in the technology industry to benefit users nationally." The article notes that "even as privacy policies on websites have become commonplace, many of the most-downloaded mobile apps don't have them."

"If an app collects personal information, it should include a privacy policy that explains how such data is protected (security), who owns the data, how users can access the data, where data is stored (on device or on remote web site) and instructions for opting out of data collection."

The survey also asks opinions regarding the FDA regulation of pharma apps, self-regulation by the industry, third-party certification, testing of algorithms, etc.

I won't reveal the results until I collect more responses -- you can view a de-identified summary of the results after taking the survey yourself (click here). Thanks for your input.